[Midnightbsd-cvs] src [11703] trunk/share/man/man5/rc.conf.5: update rc.conf man page
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Jul 9 09:03:16 EDT 2018
Revision: 11703
http://svnweb.midnightbsd.org/src/?rev=11703
Author: laffer1
Date: 2018-07-09 09:03:15 -0400 (Mon, 09 Jul 2018)
Log Message:
-----------
update rc.conf man page
Modified Paths:
--------------
trunk/share/man/man5/rc.conf.5
Property Changed:
----------------
trunk/share/man/man5/rc.conf.5
Modified: trunk/share/man/man5/rc.conf.5
===================================================================
--- trunk/share/man/man5/rc.conf.5 2018-07-09 12:46:56 UTC (rev 11702)
+++ trunk/share/man/man5/rc.conf.5 2018-07-09 13:03:15 UTC (rev 11703)
@@ -1,3 +1,4 @@
+.\" $MidnightBSD$
.\" Copyright (c) 1995
.\" Jordan K. Hubbard
.\"
@@ -22,10 +23,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $MidnightBSD: src/share/man/man5/rc.conf.5,v 1.4 2009/11/28 22:44:32 laffer1 Exp $
-.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.256.2.20.2.1 2006/05/05 09:58:12 flz Exp $
+.\" $FreeBSD: stable/10/share/man/man5/rc.conf.5 325799 2017-11-14 09:31:56Z eugen $
.\"
-.Dd July 22, 2012
+.Dd February 28, 2016
.Dt RC.CONF 5
.Os
.Sh NAME
@@ -39,8 +39,7 @@
started up at system initial boot time.
In new installations, the
.Nm
-file is generally initialized by the system installation utility,
-.Xr sysinstall 8 .
+file is generally initialized by the system installation utility.
.Pp
The purpose of
.Nm
@@ -65,6 +64,10 @@
is used to override settings in
.Pa /etc/rc.conf
for historical reasons.
+.Pp
+The sysrc(8) command provides a scripting interface to modify system
+config files.
+.Pp
In addition to
.Pa /etc/rc.conf.local
you can also place smaller configuration files for each
@@ -71,12 +74,30 @@
.Xr rc 8
script in the
.Pa /etc/rc.conf.d
-directory, which will be included by the
+directory or
+.Ao Ar dir Ac Ns Pa /rc.conf.d
+directories specified in
+.Va local_startup ,
+which will be included by the
.Va load_rc_config
function.
For jail configurations you could use the file
.Pa /etc/rc.conf.d/jail
to store jail specific configuration options.
+If
+.Va local_startup
+contains
+.Pa /usr/local/etc/rc.d
+and
+.Pa /opt/conf ,
+.Pa /usr/local/rc.conf.d/jail
+and
+.Pa /opt/conf/rc.conf.d/jail
+will be loaded.
+If
+.Ao Ar dir Ac Ns Pa /rc.conf.d/ Ns Ao Ar name Ac
+is a directory,
+all of files in the directory will be loaded.
Also see the
.Va rc_conf_files
variable below.
@@ -163,12 +184,27 @@
always test whether or not the service is actually running.
Enabling this option is likely to increase your boot time if
services are enabled that utilize the force_depend check.
-.It Va swapfile
+.It Ao Ar name Ac Ns Va _chroot
.Pq Vt str
-If set to
-.Dq Li NO ,
-no swapfile is installed, otherwise the value is used as the full
-pathname to a file to use for additional swap space.
+.Xr chroot 8
+to this directory before running the service.
+.It Ao Ar name Ac Ns Va _user
+.Pq Vt str
+Run the service under this user account.
+.It Ao Ar name Ac Ns Va _group
+.Pq Vt str
+Run the chrooted service under this system group. Unlike the _user
+setting, this setting has no effect if the service is not chrooted.
+.It Ao Ar name Ac Ns Va _fib
+.Pq Vt int
+The
+.Xr setfib 1
+value to run the service under.
+.It Ao Ar name Ac Ns Va _nice
+.Pq Vt int
+The
+.Xr nice 1
+value to run the service under.
.It Va apm_enable
.Pq Vt bool
If set to
@@ -276,22 +312,6 @@
these are the flags to pass to the
.Xr powerd 8
daemon.
-.It Va sensorsd_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-Setting this to
-.Dq Li YES
-enables
-.Xr sensorsd 8 ,
-a sensors monitoring and logging daemon.
-.It Va sensorsd_flags
-.Pq Vt str
-Empty by default.
-This variable contains additional flags passed to the
-.Xr sensorsd 8
-program.
.It Va tmpmfs
Controls the creation of a
.Pa /tmp
@@ -403,7 +423,7 @@
this variable should be set to an empty string.
If this value remains unset when the system is done booting
your console login will display the default hostname of
-.Dq redshirt .
+.Dq Amnesiac .
.It Va nisdomainname
.Pq Vt str
The NIS domain name of this host, or
@@ -518,6 +538,16 @@
This is equivalent to the
.Dv IPFIREWALL_VERBOSE
kernel option.
+.It Va firewall_logif
+.Pq Vt bool
+Set to
+.Dq Li YES
+to create pseudo interface
+.Li ipfw0
+for logging.
+For more details, see
+.Xr ipfw 8
+manual page.
.It Va firewall_flags
.Pq Vt str
Flags passed to
@@ -910,6 +940,33 @@
This variable contains additional flags passed to the
.Xr pflogd 8
program.
+.It Va pflog_instances
+.Pq Vt str
+If logging to more than one
+.Xr pflog 4
+interface is desired,
+.Va pflog_instances
+is set to the list of
+.Xr pflogd 8
+instances that should be started at system boot time. If
+.Va pflog_instances
+is set, for each whitespace-seperated
+.Ar element
+in the list,
+.Ao Ar element Ac Ns Va _dev
+and
+.Ao Ar element Ac Ns Va _logfile
+elements are assumed to exist.
+.Ao Ar element Ac Ns Va _dev
+must contain the
+.Xr pflog 4
+interface to be watched by the named
+.Xr pflogd 8
+instance.
+.Ao Ar element Ac Ns Va _logfile
+must contain the name of the logfile that will be used by the
+.Xr pflogd 8
+instance.
.It Va ftpproxy_enable
.Pq Vt bool
Set to
@@ -928,6 +985,19 @@
This variable contains additional flags passed to the
.Xr ftp-proxy 8
program.
+.It Va ftpproxy_instances
+.Pq Vt str
+Empty by default. If multiple instances of
+.Xr ftp-proxy 8
+are desired at boot time,
+.Va ftpproxy_instances
+should contain a whitespace-seperated list of instance names. For each
+.Ar element
+in the list, a variable named
+.Ao Ar element Ac Ns Va _flags
+should be defined, containing the command-line flags to be passed to the
+.Xr ftp-proxy 8
+instance.
.It Va pfsync_enable
.Pq Vt bool
Set to
@@ -1111,44 +1181,76 @@
.Xr ifconfig 8
while the order of the other arguments is preserved.
.Pp
-One can configure more than one IPv4 address with the
-.Va ipv4_addrs_ Ns Aq Ar interface
-variable.
-One or more IP addresses must be provided in Classless Inter-Domain
-Routing (CIDR) address notation, whose last byte can be a range like
-192.0.2.5-23/24.
-In this case the address 192.0.2.5 will be configured with the
+It is possible to add IP alias entries using
+.Xr ifconfig 8
+syntax with the address family keyword such as
+.Li inet .
+Assuming that the interface in question was
+.Li ed0 ,
+it might look something like this:
+.Bd -literal
+ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
+ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
+.Ed
+.Pp
+It also possible to configure multiple IP addresses in Classless
+Inter-Domain Routing
+.Pq CIDR
+address notation,
+whose each address component can be a range like
+.Li inet 192.0.2.5-23/24
+or
+.Li inet6 2001:db8:1-f::1/64 .
+This notation allows address and prefix length part only,
+not the other address modifiers.
+Note that the maximum number of the generated addresses from a range
+specification is limited to an integer value specified in
+.Va netif_ipexpand_max
+in
+.Xr rc.conf 5
+because a small typo can unexpectedly generate a large number of addresses.
+The default value is
+.Li 2048 .
+It can be increased by adding the following line into
+.Xr rc.conf 5 :
+.Bd -literal
+netif_ipexpand_max="4096"
+.Ed
+.Pp
+In the case of
+.Li 192.0.2.5-23/24 ,
+the address 192.0.2.5 will be configured with the
netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with
the non-conflicting netmask /32 as explained in the
.Xr ifconfig 8
alias section.
+Note that this special netmask handling is only for
+.Li inet ,
+not for the other address families such as
+.Li inet6 .
+.Pp
With the interface in question being
.Li ed0 ,
an example could look like:
.Bd -literal
-ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28"
+ifconfig_ed0_alias2="inet 192.0.2.129/27"
+ifconfig_ed0_alias3="inet 192.0.2.1-5/28"
.Ed
.Pp
-It is also possible to add IP alias entries using
-.Xr ifconfig 8
-syntax with the
-.Dq Li inet
-keyword.
-Assuming that the interface in question was
-.Li ed0 ,
-it might look
-something like this:
-.Bd -literal
-ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
-ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
-.Ed
+and so on.
.Pp
-And so on.
+Note that
+.Va ipv4_addrs_ Ns Aq Ar interface
+variable was supported for IPv4 CIDR address notation.
+It is now deprecated because the functionality was integrated into
+.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
+though
+.Va ipv4_addrs_ Ns Aq Ar interface
+is still supported for backward compatibility.
+.Pp
For each
.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
-entry with the
-.Dq Li inet
-keyword that is found,
+entry with an address family keyword,
its contents are passed to
.Xr ifconfig 8 .
Execution stops at the first unsuccessful access, so if
@@ -1166,10 +1268,22 @@
stop with the missing
.Dq Li alias3
entry.
-Due to this difficult to manage behavior, the
+Because of this difficult to manage behavior,
+there is
+.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _aliases
+variable, which has the same functionality as
.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
-form is deprecated.
+and can have all of entries in a variable like the following:
+.Bd -literal
+ifconfig_ed0_aliases="\\
+ inet 127.0.0.251 netmask 0xffffffff \\
+ inet 127.0.0.252 netmask 0xffffffff \\
+ inet 127.0.0.253 netmask 0xffffffff \\
+ inet 127.0.0.254 netmask 0xffffffff"
+.Ed
.Pp
+It also supports CIDR notation.
+.Pp
If the
.Pa /etc/start_if. Ns Aq Ar interface
file is present, it is read and executed by the
@@ -1275,7 +1389,7 @@
ifconfig_ed0="DHCP"
.Ed
.Pp
-Also, if you want to configure your wireless interface with
+If you want to configure your wireless interface with
.Xr wpa_supplicant 8
for use with WPA, EAP/LEAP or WEP, you need to add
.Dq Li WPA
@@ -1283,6 +1397,17 @@
.Va ifconfig_ Ns Aq Ar interface
variable.
.Pp
+On the other hand, if you want to configure your wireless interface with
+.Xr hostapd 8 ,
+you need to add
+.Dq Li HOSTAP
+to the
+.Va ifconfig_ Ns Aq Ar interface
+variable.
+.Xr hostapd 8
+will use the settings from
+.Pa /etc/hostapd- Ns Ao Ar interface Ac Ns .conf
+.Pp
Finally, you can add
.Xr ifconfig 8
options in this variable, in addition to the
@@ -1451,6 +1576,23 @@
.Pp
Default is
.Dq Li NO .
+.It Va ifconfig_ Ns Ao Ar interface Ac Ns _descr
+.Pq Vt str
+This assigns arbitrary description to an interface.
+The
+.Xr sysctl 8
+variable
+.Va net.ifdescr_maxlen
+limits its length.
+This static setting may be overridden by commands
+started with dynamic interface configuration utilities
+like
+.Xr dhclient 8
+hooks. The description can be seen with
+.Xr ifconfig 8
+command and it may be exported with
+.Xr bsnmpd 1
+daemon using its MIB-2 module.
.It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
.Pq Vt str
IPv6 functionality on an interface should be configured by
@@ -1600,11 +1742,33 @@
command for each interface by setting the
.Va create_args_ Ns Aq Ar interface
variable.
+If an interface name is specified with
+.Dq :sticky
+keyword,
+the interface will not be destroyed even when
+.Pa rc.d/netif
+script is invoked with
+.Dq stop
+argument.
+This is useful when reconfiguring the interface without destroying it.
Entries in
.Va cloned_interfaces
are automatically appended to
.Va network_interfaces
for configuration.
+.It Va cloned_interfaces_sticky
+.Pq Vt bool
+This variable is to globally enable functionality of
+.Dq :sticky
+keyword in
+.Va cloned_interfaces
+for all interfaces.
+The default value is
+.Dq NO .
+Even if this variable is specified to
+.Dq YES ,
+.Dq :nosticky
+keyword can be used to override it on per interface basis.
.It Va fec_interfaces
.Pq Vt str
Set to the list of
@@ -1634,6 +1798,8 @@
.Ed
.It Va gif_interfaces
.Pq Vt str
+This variable is deprecated in favor of
+.Va cloned_interfaces .
Set to the list of
.Xr gif 4
tunnel interfaces to configure on this host.
@@ -1833,12 +1999,6 @@
This can be changed for every device separately by defining
.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach
variable.
-.It Va geli_swap_flags
-Options passed to the
-.Xr geli 8
-utility when encrypted GEOM providers for swap partitions are created.
-The default is
-.Dq Li "-e aes -l 256 -s 4096 -d" .
.It Va root_rw_mount
.Pq Vt bool
Set to
@@ -1974,104 +2134,32 @@
.Dq Li YES ,
these are the flags to pass to
.Xr hastd 8 .
-.It Va named_enable
+.It Va local_unbound_enable
.Pq Vt bool
If set to
.Dq Li YES ,
run the
-.Xr named 8
-daemon.
-.It Va named_program
-.Pq Vt str
-Path to
-.Xr named 8
-(default
-.Pa /usr/sbin/named ) .
-.It Va named_conf
-.Pq Vt str
-Path to
-.Xr named 8
-configuration file, (default
-.Pa /etc/namedb/named.conf ) .
-.It Va named_flags
-.Pq Vt str
-If
-.Va named_enable
-is set to
-.Dq Li YES ,
-these are the flags to pass to
-.Xr named 8 .
-.It Va named_uid
-.Pq Vt str
-The user that the
-.Xr named 8
-process should be run as.
-.It Va named_chrootdir
-.Pq Vt str
-The root directory for a name server run in a
-.Xr chroot 8
-environment (default
-.Pa /var/named ) .
-If left empty
-.Xr named 8
-will not be run in a
-.Xr chroot 8
-environment.
-.It Va named_chroot_autoupdate
+.Xr unbound 8
+daemon as a local caching resolver.
+.It Va kdc_enable
.Pq Vt bool
Set to
-.Dq Li NO
-to disable automatic update of the
-.Xr chroot 8
-environment.
-.It Va named_symlink_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-to disable symlinking of
-daemon's PID file
-into the
-.Xr chroot 8
-environment.
-.It Va named_wait
-.Pq Vt bool
-Set to have
-.Pa /etc/rc.d/named
-loop until working name service is established.
-.It Va named_wait_host
-.Pq Vt str
-Name of host to lookup for the named_wait option.
-(Default localhost)
-.It Va named_auto_forward
-.Pq Vt bool
-Set to enable automatic creation of a forwarder
-configuration file derived from
-.Pa /etc/resolv.conf .
-.It Va named_auto_forward_only
-.Pq Vt bool
-Set to change the default forwarder configuration from
-.Dq forward first
-to
-.Dq forward only .
-.It Va kerberos5_server_enable
-.Pq Vt bool
-Set to
.Dq Li YES
to start a Kerberos 5 authentication server
at boot time.
-.It Va kerberos5_server
+.It Va kdc_program
.Pq Vt str
If
-.Va kerberos5_server_enable
+.Va kdc_enable
is set to
.Dq Li YES
this is the path to Kerberos 5 Authentication Server.
-.It Va kerberos5_server_flags
+.It Va kdc_flags
.Pq Vt str
Empty by default.
This variable contains additional flags to be passed to the Kerberos 5
authentication server.
-.It Va kadmind5_server_enable
+.It Va kadmind_enable
.Pq Vt bool
Set to
.Dq Li YES
@@ -2080,14 +2168,14 @@
the Kerberos 5 Administration Daemon; set to
.Dq Li NO
on a slave server.
-.It Va kadmind5_server
+.It Va kadmind_program
.Pq Vt str
If
-.Va kadmind5_server_enable
+.Va kadmind_enable
is set to
.Dq Li YES
this is the path to Kerberos 5 Administration Daemon.
-.It Va kpasswdd_server_enable
+.It Va kpasswdd_enable
.Pq Vt bool
Set to
.Dq Li YES
@@ -2096,13 +2184,26 @@
the Kerberos 5 Password-Changing Daemon; set to
.Dq Li NO
on a slave server.
-.It Va kpasswdd_server
+.It Va kpasswdd_program
.Pq Vt str
If
-.Va kpasswdd_server_enable
+.Va kpasswdd_enable
is set to
.Dq Li YES
this is the path to Kerberos 5 Password-Changing Daemon.
+.It Va kfd_enable
+.Pq Vt bool
+Set to
+.Dq Li YES
+to start
+.Xr kfd 8 ,
+the Kerberos 5 ticket forwarding daemon, at the boot time.
+.It Va kfd_program
+.Pq Vt str
+Path to
+.Xr kfd 8
+(default
+.Pa /usr/libexec/kfd ) .
.It Va rwhod_enable
.Pq Vt bool
If set to
@@ -2425,10 +2526,6 @@
synchronize the system clock only
.Em once
from some standard reference.
-An option to set this up initially
-(from a list of known servers) is also provided by the
-.Xr sysinstall 8
-program when the system is first installed.
.It Va ntpdate_config
.Pq Vt str
Configuration file for
@@ -2667,10 +2764,18 @@
operation.
For example:
.Bd -literal
-static_routes="mcast gif0local"
+static_routes="ext mcast:gif0 gif0local:gif0"
+route_ext="-net 10.0.0.0/24 -gateway 192.168.0.1"
route_mcast="-net 224.0.0.0/4 -iface gif0"
route_gif0local="-host 169.254.1.1 -iface lo0"
.Ed
+.Pp
+When an
+.Ar element
+is in the form of
+.Li name:ifname ,
+the route is specific to the interface
+.Li ifname .
.It Va ipv6_static_routes
.Pq Vt str
The IPv6 equivalent of
@@ -3108,8 +3213,13 @@
If set to
.Dq Li NO ,
no keymap is installed, otherwise the value is used to install
-the keymap file in
-.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
+the keymap file found in
+.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd
+(if using
+.Xr syscons 4 ) or
+.Pa /usr/share/vt/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd
+(if using
+.Xr vt 4 ) .
.It Va keyrate
.Pq Vt str
The keyboard repeat speed.
@@ -3144,6 +3254,9 @@
no screen map is installed, otherwise the value is used to install
the screen map file in
.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
+This parameter is ignored when using
+.Xr vt 4
+as the console driver.
.It Va font8x16
.Pq Vt str
If set to
@@ -3151,7 +3264,9 @@
the default 8x16 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
-is used.
+or
+.Pa /usr/share/vt/fonts/ Ns Aq Ar value
+is used (depending on the console driver being used).
.It Va font8x14
.Pq Vt str
If set to
@@ -3159,7 +3274,9 @@
the default 8x14 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
-is used.
+or
+.Pa /usr/share/vt/fonts/ Ns Aq Ar value
+is used (depending on the console driver being used).
.It Va font8x8
.Pq Vt str
If set to
@@ -3167,7 +3284,9 @@
the default 8x8 font value is used for screen size requests, otherwise
the value in
.Pa /usr/share/syscons/fonts/ Ns Aq Ar value
-is used.
+or
+.Pa /usr/share/vt/fonts/ Ns Aq Ar value
+is used (depending on the console driver being used).
.It Va blanktime
.Pq Vt int
If set to
@@ -3297,7 +3416,7 @@
.Dq Li YES ,
this is the actual port the mouse is on.
It might be
-.Pa /dev/cuad0
+.Pa /dev/cuau0
for a COM1 serial mouse,
.Pa /dev/psm0
for a PS/2 mouse or
@@ -3374,6 +3493,8 @@
.Dq Fl h Li 200
will set the
.Xr syscons 4
+or
+.Xr vt 4
scrollback (history) buffer to 200 lines.
.It Va cron_enable
.Pq Vt bool
@@ -3584,6 +3705,23 @@
is set to
.Dq Li YES ,
this specifies a list of additional iBCS2 loaders to enable.
+.It Va firstboot_sentinel
+.Pq Vt str
+This variable specifies the full path to a
+.Dq first boot
+sentinel file.
+If a file exists with this path,
+.Pa rc.d
+scripts with the
+.Dq firstboot
+keyword will be run on startup and the sentinel file will be deleted
+after the boot process completes.
+The sentinel file must be located on a writable file system which is
+mounted no later than
+.Va early_late_divider
+to function properly.
+The default is
+.Pa /firstboot .
.It Va linux_enable
.Pq Vt bool
Set to
@@ -3800,28 +3938,18 @@
If set to
.Dq Li NO ,
any configured jails will not be started.
-.It jail_parallel_start
+.It Va jail_conf
+.Pq Vt str
+The configuration filename used by
+.Xr jail 8
+utility.
+The default value is
+.Pa /etc/jail.conf .
+.It Va jail_parallel_start
.Pq Vt bool
If set to
-.Dq Li YES
-all configured jails will be started in the background (= in parallel).
-.It Va jail_list
-.Pq Vt str
-A space separated list of names for jails.
-This is purely a configuration aid to help identify and
-configure multiple jails.
-The names specified in this list will be used to
-identify settings common to an instance of a jail,
-and should contain alphanumeric characters only.
-Assuming that the jail in question was named
-.Li vjail ,
-you would have the following dependent variables:
-.Bd -literal
-jail_vjail_hostname="jail.example.com"
-jail_vjail_ip="192.0.2.100"
-jail_vjail_rootdir="/var/jails/vjail/root"
-.Ed
-.Pp
+.Dq Li YES ,
+all configured jails will be started in the background (in parallel).
.It Va jail_flags
.Pq Vt str
Unset by default.
@@ -3829,357 +3957,151 @@
.Va jail_ Ns Ao Ar jname Ac Ns Va _flags
for every jail in
.Va jail_list .
-.It Va jail_interface
+.It Va jail_list
.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _interface
-for every jail in
-.Va jail_list .
-.It Va jail_fstab
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
-for every jail in
-.Va jail_list .
-.It Va jail_mount_enable
+A space-delimited list of jail names.
+When left empty, all of the
+.Xr jail 8
+instances defined in the configuration file are started.
+The names specified in this list control the jail startup order.
+.Xr jail 8
+instances missing from
+.Va jail_list
+must be started manually.
+.It Va jail_reverse_stop
.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
When set to
.Dq Li YES ,
-sets
-.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
-to
-.Dq Li YES
-by default for every jail in
-.Va jail_list .
-.It Va jail_devfs_ruleset
-.Pq Vt str
-Unset by default.
-When set, sets
-.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
-to given value for every jail in
-.Va jail_list .
-.It Va jail_devfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-sets
-.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
-to
-.Dq Li YES
-by default for every jail in
-.Va jail_list .
-.It Va jail_fdescfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-sets
-.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
-to
-.Dq Li YES
-by default for every jail in
-.Va jail_list .
-.It Va jail_procfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-sets
-.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
-to
-.Dq Li YES
-by default for every jail in
-.Va jail_list .
-.It Va jail_exec_prestart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N
-for every jail in
-.Va jail_list .
-.It Va jail_exec_start
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
-for every jail in
-.Va jail_list .
-.It Va jail_exec_afterstart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
-for every jail in
-.Va jail_list .
-.It Va jail_exec_poststart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N
-for every jail in
-.Va jail_list .
-.It Va jail_exec_prestop Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N
-for every jail in
-.Va jail_list .
-.It Va jail_exec_stop
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
-for every jail in
-.Va jail_list .
-.It Va jail_exec_poststop Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-When set, use as default value for
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N
-for every jail in
-.Va jail_list .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
-.Pq Vt str
-Unset by default.
-Set to the root directory used by jail
-.Va jname .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
-.Pq Vt str
-Unset by default.
-Set to the fully qualified domain name (FQDN) assigned to jail
-.Va jname .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _parameters
-.Pq Vt str
-Unset by default.
-Set extra parameters for jail
-.Va jname ,
-such as
-.Dq Li allow.chflags
-or
-.Dq Li children.max .
-See
+all configured jails in
+.Va jail_list
+are stopped in reverse order.
+.It Va jail_* variables
+Note that older releases supported per-jail configuration via
+.Xr rc.conf 5
+variables.
+For example,
+hostname of a jail named
+.Li vjail
+was able to be set by
+.Li jail_vjail_hostname .
+These per-jail configuration variables are now obsolete in favor of
.Xr jail 8
-for a list of available parameters.
-Note that the following parameters are already defined by
+configuration file.
+For backward compatibility,
+when per-jail configuration variables are defined,
+.Xr jail 8
+configuration files are created as
+.Pa /var/run/jail. Ns Ao Ar jname Ac Ns Pa .conf
+and used.
+.Pp
+The following per-jail parameters are handled by
.Pa rc.d/jail
script out of their corresponding
.Nm
-variables:
+variables.
+In addition to them, parameters in
+.Va jail_ Ns Ao Ar jname Ac Ns Va _parameters
+will be added to the configuration file.
+They must be a semi-colon
+.Pq Ql \&;
+delimited list of
+.Dq key=value .
+For more details,
+see
+.Xr jail 8
+manual page.
.Bl -tag -width "host.hostname" -offset indent
.It Li path
-set from
+set from
.Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
.It Li host.hostname
set from
.Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
-.It Li command
+.It Li exec.consolelog
set from
-.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
+.Va jail_ Ns Ao Ar jname Ac Ns Va _consolelog .
+The default value is
+.Pa /var/log/jail_ Ao Ar jname Ac Pa _console.log .
+.It Li interface
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _interface .
+.It Li vnet.interface
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _vnet_interface .
+This implies
+.Li vnet
+parameter will be enabled and cannot be specified with
+.Va jail_ Ns Ao Ar jname Ac Ns Va _interface ,
+.Va jail_ Ns Ao Ar jname Ac Ns Va _ip
+and/or
+.Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n
+at the same time.
+.It Li fstab
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
+.It Li mount
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable .
+.It Li exec.fib
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _fib
+.It Li exec.start
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start .
+The parameter name was
+.Li command
+in some older releases.
+.It Li exec.prestart
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart
+.It Li exec.poststart
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart
+.It Li exec.stop
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
+.It Li exec.prestop
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop
+.It Li exec.poststop
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop
.It Li ip4.addr
set if
.Va jail_ Ns Ao Ar jname Ac Ns Va _ip
-contains IPv4 addresses
+or
+.Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n
+contain IPv4 addresses
.It Li ip6.addr
set if
-.Va jail_ Ns Ao Ar jname Ac Ns Va _ip6
-contains IPv6 addresses
+.Va jail_ Ns Ao Ar jname Ac Ns Va _ip
+or
+.Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n
+contain IPv6 addresses
+.It Li allow.mount
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
+.It Li mount.devfs
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
+.It Li devfs_ruleset
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset .
+This must be an integer,
+not a string.
+.It Li mount.fdescfs
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
+.It Li allow.set_hostname
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _set_hostname_allow
+.It Li allow.rawsocket
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _socket_unixiproute_only
+.It Li allow.sysvipc
+set from
+.Va jail_ Ns Ao Ar jname Ac Ns Va _sysvipc_allow
.El
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
-.Pq Vt str
-Unset by default.
-Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail.
-The argument can be a sole address or a comma separated list of addresses.
-Additionally each address can be prefixed by the name of an interface
-followed by a pipe to overwrite
-.Va jail_ Ns Ao Ar jname Ac Ns Va _interface
-or
-.Va jail_interface
-and/or suffixed by a netmask, prefixlen or prefix.
-In case no netmask, prefixlen or prefix is given,
-.Sq /32
-will be used for IPv4 and
-.Sq /128
-will be used for an IPv6 address.
-If no address is given for the jail then the jail will be started with
-no networking support.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n
-.Pq Vt str
-Unset by default.
-Set additional IPv4 and/or IPv6 address(es) assigned to the jail.
-The sequence starts with
-.Dq Li _multi0
-and the numbers have to be strictly ascending.
-These entries follow the same syntax as their primary
-.Va jail_ Ns Ao Ar jname Ac Ns Va _ip
-entry.
-The order of the entries can be important as the first address for
-each address family found will be the primary address of the jail.
-See
-.Va ip-addresses
-option in
-.Xr jail 8
-for more details.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
-.Pq Vt str
-Set to
-.Dq Li -l -U root
-by default.
-These are flags to pass to
-.Xr jail 8 .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
-.Pq Vt str
-Unset by default.
-When set, sets the interface to use when setting IP address alias.
-Note that the alias is created at jail startup and removed at jail shutdown.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib
-.Pq Vt str
-Unset by default.
-When set, the jail is started with the specified forwarding table (sometimes
-referred to as a routing table) via
-.Xr setfib 1 .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
-.Pq Vt str
-Set to
-.Pa /etc/fstab. Ns Aq Ar jname
-by default.
-This is the file system information file to use for jail
-.Va jname .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-mount all file systems from
-.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
-at jail startup.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
-.Pq Vt str
-Unset by default.
-When set, defines the device file system ruleset file to use for jail
-.Va jname .
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-mount the device file system inside jail
-.Ar jname
-at jail startup.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-mount the file-descriptor file system inside jail
-.Ar jname
-at jail startup.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
-.Pq Vt bool
-Set to
-.Dq Li NO
-by default.
-When set to
-.Dq Li YES ,
-mount the process file system inside jail
-.Ar jname
-at jail startup.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-This is the command run as
-.Ar N Ns
-th command
-before jail startup, where
-.Ar N
-is 0, 1, and so on.
-It is run outside the jail.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
-.Pq Vt str
-Set to
-.Dq Li /bin/sh /etc/rc
-by default.
-This is the command executed in a jail at jail startup.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-This is the command run as
-.Ar N Ns
-th command
-in a jail
-after jail startup, where
-.Ar N
-is 1, 2, and so on.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-This is the command run as
-.Ar N Ns
-th command
-after jail startup, where
-.Ar N
-is 0, 1, and so on.
-It is run outside the jail.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-This is the command run as
-.Ar N Ns
-th command
-before jail shutdown, where
-.Ar N
-is 0, 1, and so on.
-It is run outside the jail.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
-.Pq Vt str
-Set to
-.Dq Li /bin/sh /etc/rc.shutdown
-by default.
-This is the command executed in a jail at jail shutdown.
-.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N
-.Pq Vt str
-Unset by default.
-This is the command run as
-.Ar N Ns
-th command
-after jail shutdown, where
-.Ar N
-is 0, 1, and so on.
-It is run outside the jail.
-.It Va jail_set_hostname_allow
-.Pq Vt bool
-If set to
-.Dq Li NO ,
-do not allow the root user in a jail to set its hostname.
-.It Va jail_socket_unixiproute_only
-.Pq Vt bool
-If set to
-.Dq Li YES ,
-do not allow any sockets,
-besides UNIX/IP/route sockets,
-to be used within a jail.
-.It Va jail_sysvipc_allow
-.Pq Vt bool
-If set to
-.Dq Li YES ,
-allow applications within a jail to use System V IPC.
.\" -----------------------------------------------------
.It Va harvest_interrupt
.Pq Vt bool
@@ -4605,6 +4527,102 @@
Defines the total number of seconds to wait for link to become usable,
polled at a 1-second interval.
The default is 30.
+.It Va rctl_enable
+.Pq Vt bool
+If set to
+.Dq Li YES ,
+load
+.Xr rctl 8
+rules from the defined ruleset.
+The kernel must be built with
+.Cd "options RACCT"
+and
+.Cd "options RCTL" .
+.It Va rctl_rules
+.Pq Vt str
+Set to
+.Pa /etc/rctl.conf
+by default.
+This variables contains the
+.Xr rctl.conf 5
+ruleset to load for
+.Xr rctl 8 .
+.It Va autofs_enable
+.Pq Vt bool
+If set to
+.Dq Li YES ,
+start the
+.Xr automount 8
+utility and the
+.Xr automountd 8
+and
+.Xr autounmountd 8
+daemons at boot time.
+.It Va automount_flags
+.Pq Vt str
+If
+.Va autofs_enable
+is set to
+.Dq Li YES ,
+these are the flags to pass to the
+.Xr automount 8
+program.
+By default no flags are passed.
+.It Va automountd_flags
+.Pq Vt str
+If
+.Va autofs_enable
+is set to
+.Dq Li YES ,
+these are the flags to pass to the
+.Xr automountd 8
+daemon.
+By default no flags are passed.
+.It Va autounmountd_flags
+.Pq Vt str
+If
+.Va autofs_enable
+is set to
+.Dq Li YES ,
+these are the flags to pass to the
+.Xr autounmountd 8
+daemon.
+By default no flags are passed.
+.It Va ctld_enable
+.Pq Vt bool
+If set to
+.Dq Li YES ,
+start the
+.Xr ctld 8
+daemon at boot time.
+.It Va iscsid_enable
+.Pq Vt bool
+If set to
+.Dq Li YES ,
+start the
+.Xr iscsid 8
+daemon at boot time.
+.It Va iscsictl_enable
+.Pq Vt bool
+If set to
+.Dq Li YES ,
+start the
+.Xr iscsictl 8
+utility at boot time.
+.It Va iscsictl_flags
+.Pq Vt str
+If
+.Va iscsictl_enable
+is set to
+.Dq Li YES ,
+these are the flags to pass to the
+.Xr iscsictl 8
+program.
+The default is
+.Dq Li -Aa ,
+which configures sessions based on the
+.Pa /etc/iscsi.conf
+configuration file.
.El
.Sh FILES
.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
@@ -4638,6 +4656,7 @@
.Xr fstab 5 ,
.Xr ipf 5 ,
.Xr ipnat 5 ,
+.Xr jail.conf 5 ,
.Xr motd 5 ,
.Xr newsyslog.conf 5 ,
.Xr pf.conf 5 ,
@@ -4669,7 +4688,6 @@
.Xr mountd 8 ,
.Xr moused 8 ,
.Xr mrouted 8 ,
-.Xr named 8 ,
.Xr newfs 8 ,
.Xr newsyslog 8 ,
.Xr nfsd 8 ,
@@ -4696,7 +4714,9 @@
.Xr swapon 8 ,
.Xr sysctl 8 ,
.Xr syslogd 8 ,
+.Xr sysrc 8 ,
.Xr timed 8 ,
+.Xr unbound 8 ,
.Xr usbconfig 8 ,
.Xr wlandebug 8 ,
.Xr yp 8 ,
Property changes on: trunk/share/man/man5/rc.conf.5
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
More information about the Midnightbsd-cvs
mailing list